Assume-guarantee verification of source code with design-level assumptions

Giannakopoulou, Dimitra; Păsăreanu, Corina S.; Cobleigh, Jamieson M.

doi:10.1109/icse.2004.1317443

Cited by 42 publications

(41 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…5.3 when filling in IAS and EHS stubs. Having a software model checker such as PathFinder -possibly driven by techniques like, e.g., those developed in [36,26,17] -available within TwoTowers would permit the verification of the overall system after the possible intervention of the software developer, whereas customized static analysis tools such as TPTP may be exploited for guiding the previously mentioned intervention.…”

Section: Resultsmentioning

confidence: 99%

Non-synchronous Communications in Process Algebraic Architectural Description Languages

Bernardo

Bontà

2008

Software Architecture

View full text Add to dashboard Cite

Architectural description languages are a useful tool for modeling complex software systems at a high level of abstraction. If based on formal methods, they can also serve for enabling the early verification of various properties such as component coordination and for guiding the synthesis of code correct by construction. This is the case with process algebraic architectural description languages, which are process calculi enhanced with the main architectural concepts. However, the techniques with which those languages have been equipped are mainly conceived to work with synchronous communications only. The objective of this paper is threefold. On the modeling side, we show how to enhance the expressiveness of a typical process algebraic architectural description language by including the capability of representing nonsynchronous communications in such a way that the usability of the original language is preserved. On the verification side, we show how to modify techniques for analyzing the absence of coordination mismatches like the compatibility check for acyclic topologies and the interoperability check for cyclic topologies in such a way that those checks are valid also for nonsynchronous communications. On the implementation side, we show how to generate multithreaded object-oriented software in the presence of synchronous and nonsynchronous communications in such a way that the properties proved at the architectural level are preserved at the code level.

show abstract

Section: Resultsmentioning

confidence: 99%

Non-synchronous Communications in Process Algebraic Architectural Description Languages

Bernardo

Bontà

2008

Software Architecture

View full text Add to dashboard Cite

show abstract

“…They have been useful for verification of autonomous systems such as NASA's Remote Agent and K9 Mars Rover [78]. The outer-loop controller of these programs uses a planner and scheduler to coordinate the actions of multiple program threads that execute in parallel.…”

Section: Model Checking Methods For Learning Systemsmentioning

confidence: 99%

Development of Advanced Verification and Validation Procedures and Tools for the Certification of Learning Systems in Aerospace Applications

et al. 2005

View full text Add to dashboard Cite

Adaptive control technologies that incorporate learning algorithms have been proposed to enable automatic flight control and vehicle recovery, autonomous flight, and to maintain vehicle performance in the face of unknown, changing, or poorly defined operating environments. In order for adaptive control systems to be used in safety-critical aerospace applications, they must be proven to be highly safe and reliable. Rigorous methods for adaptive software verification and validation must be developed to ensure that control system software failures will not occur. Of central importance in this regard is the need to establish reliable methods that guarantee convergent learning, rapid convergence (learning) rate, and algorithm stability. This paper presents the major problems of adaptive control systems that use learning to improve performance. The paper then presents the major procedures and tools presently developed or currently being developed to enable the verification, validation, and ultimate certification of these adaptive control systems. These technologies include the application of automated program analysis methods, techniques to improve the learning process, analytical methods to verify stability, methods to automatically synthesize code, simulation and test methods, and tools to provide on-line software assurance.

show abstract

“…Checking individual components is very powerful because it shows that a particular component is correct in any possible instantiation, rather than just in one specific one. Furthermore, we expect that component-level checking will be useful in an assumeguarantee reasoning scheme [4] that can inductively show that an entire application is correct.…”

Section: Figure 1: An Interface Contract Enforces Correct Use Of a Nementioning

confidence: 99%

Interface contracts for TinyOS

Archer¹,

Levis²,

Regehr³

2007

Proceedings of the 6th International Conference on Information Processing in Sensor Networks - IPSN '07

View full text Add to dashboard Cite

TinyOS applications are built with software components that communicate through narrow interfaces. Since components enable finegrained code reuse, this approach has been successful in creating applications that make very efficient use of the limited code and data memory on sensor network nodes. However, the other important benefit of components-rapid application development through black-box reuse-remains largely unrealized because in many cases interfaces have implied usage constraints that can be the source of frustrating program errors. Developers are commonly forced to read the source code for components, partially defeating the purpose of using components in the first place. Our research helps solve these problems by allowing developers to explicitly specify and enforce component interface contracts. Due to the extensive reuse of the most common interfaces, implementing contracts for a small number of frequently reused interfaces permitted us to extensively check a number of applications. We uncovered some subtle and previously unknown bugs in applications that have been in common use for years.

show abstract

Assume-guarantee verification of source code with design-level assumptions

Cited by 42 publications

References 25 publications

Non-synchronous Communications in Process Algebraic Architectural Description Languages

Non-synchronous Communications in Process Algebraic Architectural Description Languages

Development of Advanced Verification and Validation Procedures and Tools for the Certification of Learning Systems in Aerospace Applications

Interface contracts for TinyOS

Contact Info

Product

Resources

About